|   |   |   | ||||
| Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums. You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact us. | 
|    | 
| 
 | |||||||
| Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed. | 
|  | Thread Tools | 
|  05-27-2010, 10:37 PM | #1 | 
| I help you SUCCEED Industry Role:  Join Date: Nov 2003 Location: The Pearl of the Orient Seas 
					Posts: 32,195
				 | 
				
				Is Wordpress a TICKING TIME BOMB?
			 Interesting thesis at http://www.ixdownload.com/news/wordp...protected.html Old WP installs + malware scanners + exploits = malware distribution enabling sites (via redirect) Do most hosts do automated WP upgrades/updates? | 
|   |           | 
|  05-27-2010, 10:51 PM | #2 | |
| Confirmed User Industry Role:  Join Date: Jan 2002 Location: Miami Beach, FL 
					Posts: 203
				 | Quote: 
 even a simple theme may not work between versions, worst for pluggings, much worse for custom things 
				__________________ Need help dealing with a hacked website? Contact me via icq 163583431 :D Premium Bandwidth Managed Servers, 12 Years in business xxxHOSTit.com I work for xxxhostit.com   | |
|   |           | 
|  05-28-2010, 02:06 AM | #3 | 
| So Fucking Banned Join Date: Aug 2008 Location: Just Blow Me 
					Posts: 10,551
				 | bump bump | 
|   |           | 
|  05-28-2010, 02:48 AM | #4 | 
| partners.sexier.com Industry Role:  Join Date: Jan 2007 Location: San Francisco, CA 
					Posts: 11,926
				 | i think it is... | 
|   |           | 
|  05-28-2010, 02:52 AM | #6 | 
| Confirmed User Industry Role:  Join Date: Jun 2008 
					Posts: 3,537
				 | hmmmm......I start to worry about this   | 
|   |           | 
|  05-28-2010, 03:25 AM | #7 | 
| Confirmed User Industry Role:  Join Date: Apr 2006 Location: Germany 
					Posts: 4,323
				 | Not only malware. Could be all kinds of stuff. Child pornography, chat servers... 
				__________________ --- ICQ 14-76-98 <-- I don't use this at all | 
|   |           | 
|  05-28-2010, 03:28 AM | #8 | 
| Adult Content Provider Industry Role:  Join Date: May 2005 Location: Europe 
					Posts: 18,243
				 | Too bad for the rogues it's such a solid piece of work. | 
|   |           | 
|  05-28-2010, 03:31 AM | #9 | 
| Confirmed User Join Date: Feb 2001 Location: Land of OZ 
					Posts: 2,337
				 | your kidding right! 
				__________________ I am not a megalomaniac.. I just rule the world Need Quality Hardlinks? We have several packages and custom deals available. *High Quality Hard Links For Sale* ICQ: 394016570 | 
|   |           | 
|  05-28-2010, 03:34 AM | #10 | 
| No Refunds Issued. Industry Role:  Join Date: Apr 2003 
					Posts: 14,809
				 | |
|   |           | 
|  05-28-2010, 03:45 AM | #11 | 
| Confirmed User Industry Role:  Join Date: Jul 2004 
					Posts: 959
				 | Most scripts that are not custom written are potential ticking time bombs, be it Wordpress, Joomla, Drupal or any other system running in obsolete version. There's still a huge amount of online stores running on outdated versions of Joomla and Virtuemart, which are vulnerable for attacks. With updating to newer versions, there are two problems that are both costly and time consuming to be solved. First of all, many extensions are not written properly, utilize hacks and exploit bugs specific to a single subversion of a script. Secondly, in many cases some features and functions can not be achieved by templating system and that's when some core CMS files are being changed and tweaked, making the system hard to update without breaking its functionality... 
				__________________  TEMPLATEHYPE.COM - PREMIUM MECHBUNNY TEMPLATES Responsive Mechbunny templates now available - NEAT TUBE - REDDY TUBE | 
|   |           | 
|  05-28-2010, 04:11 AM | #12 | 
| Too lazy to set a custom title Industry Role:  Join Date: Aug 2002 
					Posts: 55,372
				 | be smart, ive never had a wp site comprimised, lots of ways to protect the site 
				__________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.  WP Stuff | 
|   |           | 
|  05-28-2010, 06:59 AM | #14 | |
| Confirmed User Industry Role:  Join Date: Jan 2004 
					Posts: 182
				 | Quote: 
 Nothing 'broke'. I am going through the code and upgrading all the obsolete functions, though. And I've never had a WP site compromised. Take some basic steps in protecting it, though, as in, don't prefix your tables with "wp_". Close your eyes and hit the keyboard. Mine is similar to "faiufs98sgfrngsri_".  | |
|   |           | 
|  05-28-2010, 07:59 AM | #15 | 
| ICQ:649699063 Industry Role:  Join Date: Mar 2003 
					Posts: 27,763
				 | Malware and exploits sure suck. Good luck. 
				__________________ Send me an email: [email protected] | 
|   |           | 
|  05-28-2010, 09:38 AM | #16 | 
| Earn enough to buy coffee Industry Role:  Join Date: May 2002 Location: San Diego, Ca. 
					Posts: 4,913
				 | http://securewordpress.com/ Came across this link a few weeks back, some pretty good info on securing your WP site. 
				__________________   | 
|   |           | 
|  05-28-2010, 09:45 AM | #17 | 
| There can be only one Industry Role:  Join Date: Aug 2001 Location: Somewhere else 
					Posts: 39,075
				 | My host requires manual updating on all their packaged installs. That's a good thing because all my shit is tweaked and custom. An auto-upgrade would not be cool. (although I don't use WP) 
				__________________ SIG TOO BIG | 
|   |           | 
|  05-28-2010, 09:59 AM | #18 | 
| Hmm Industry Role:  Join Date: Sep 2005 Location: On an endless road around the world for rock and roll. 
					Posts: 12,642
				 | IMHO old releases are less vulnerable than new releases (off course if secured well and fixed). Every new release is a potential danger of security break. None of my wp installs was hacked yet and I don't have any spam as well. | 
|   |           | 
|  05-28-2010, 10:54 AM | #19 | |
| Confirmed User Industry Role:  Join Date: Jan 2004 
					Posts: 182
				 | Quote: 
 Also, WP historically has been pretty good about releasing security updates quickly, within hours of major releases sometimes. | |
|   |           | 
|  05-28-2010, 01:35 PM | #20 | 
| I help you SUCCEED Industry Role:  Join Date: Nov 2003 Location: The Pearl of the Orient Seas 
					Posts: 32,195
				 | If updated, yes. | 
|   |           | 
|  05-28-2010, 04:40 PM | #21 | 
| I help you SUCCEED Industry Role:  Join Date: Nov 2003 Location: The Pearl of the Orient Seas 
					Posts: 32,195
				 | That's cause for concern.  Although there might be a marketing opportunity here for hosting companies that have a lot of WP blogger customers.  For a small fee they can do upgrades.  As mentioned earlier though, the owner must be well aware re impact on themes/plugins that might not be able to handle the upgrade. | 
|   |           | 
|  05-28-2010, 05:06 PM | #22 | 
| Now choke yourself! Industry Role:  Join Date: Apr 2006 
					Posts: 12,085
				 | Wordpress, no matter how often it is updated, is precisely that. 
				__________________ | 
|   |           | 
|  05-28-2010, 05:20 PM | #23 | 
| Too lazy to set a custom title Industry Role:  Join Date: Aug 2002 
					Posts: 55,372
				 | its mainly these virtual hosts problem with running out of date software, hence why you should have your own vps or dedicated 
				__________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.  WP Stuff | 
|   |           | 
|  05-29-2010, 12:25 AM | #24 | 
| I help you SUCCEED Industry Role:  Join Date: Nov 2003 Location: The Pearl of the Orient Seas 
					Posts: 32,195
				 | That would be extremely sad if true.  WP is an awesome platform.  It's just sad that blog owners feel like they are playing "whack a mole" with all these updates... | 
|   |           | 
|  05-29-2010, 03:35 AM | #25 | 
| She is ugly, bad luck. Industry Role:  Join Date: Jan 2010 
					Posts: 13,177
				 | As well as just things like keeping it up to date - which applies to any packaged script - how many people just install any old plugin off of a completely random site that they find it on with no idea what it is actually going to do and no understanding of code? 
				__________________ ↑ see post ↑ 13101 | 
|   |           | 
|  05-29-2010, 07:13 AM | #26 | |
| Now choke yourself! Industry Role:  Join Date: Apr 2006 
					Posts: 12,085
				 | Quote: 
 Ask any of your managed host providers what they feel about WordPress. If you're lucky, you'll get a passive-aggressive shrug. 
				__________________ | |
|   |           | 
|  05-29-2010, 07:35 AM | #27 | 
| Too lazy to set a custom title Industry Role:  Join Date: Jul 2001 Location: Currently Incognito 
					Posts: 13,827
				 | WP runs some some of the largest sites on the Internet without any issues or hacks. Don't use a lot of trash/unknown plugins, keep your skin clean and simple as possible, keep your wp updated. Then secure it, remove the header wp tags, pw protect the admin, shut comments off on old posts, and instead of blocking IP's in WP block them through the .htaccess file. 
				__________________      ~TheDoc - ICQ7765825 It's all disambiguation  | 
|   |           | 
|  05-29-2010, 10:46 AM | #28 | |
| I help you SUCCEED Industry Role:  Join Date: Nov 2003 Location: The Pearl of the Orient Seas 
					Posts: 32,195
				 | Quote: 
 | |
|   |           |